<?php

// Direct-access guard: stop immediately unless the IN_ECS constant is already
// defined. Presumably the application's entry script defines it before
// including this library (not visible in this file), so requesting this file
// by URL executes nothing below this point.
if (defined('IN_ECS') === false)
{
    exit('Hacking attempt');
}

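/**
 * Update a member's profile (email, gender, birthday) plus the optional
 * contact fields written directly to the users table.
 *
 * Failures are reported by adding a message to $GLOBALS['err'].
 *
 * @access  public
 * @param   array       $profile       Keys read here: user_id (int), email (string), sex (int),
 *                                     birthday (string), other (array keyed by msn, qq,
 *                                     office_phone, home_phone, mobile_phone).
 *
 * @return  bool        true on success; false when user_id is missing or not a positive
 *                      integer, the email is rejected by is_email(), or edit_user() fails.
 */
function edit_profile($profile)
{
    /* user_id ends up inside two SQL fragments below, so reduce it to an integer
       once and use only that value; anything that is not a positive integer is
       treated the same as "not logged in". */
    $user_id = (isset($profile['user_id']) && is_scalar($profile['user_id'])) ? intval($profile['user_id']) : 0;
    if ($user_id <= 0)
    {
        $GLOBALS['err']->add($GLOBALS['_LANG']['not_login']);

        return false;
    }

    $cfg = array();
    $cfg['username'] = $GLOBALS['db']->getOne("SELECT user_name FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id='" . $user_id . "'");
    if (isset($profile['sex']))
    {
        $cfg['gender'] = intval($profile['sex']);
    }
    if (!empty($profile['email']))
    {
        if (!is_email($profile['email']))
        {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['email_invalid'], $profile['email']));

            return false;
        }
        $cfg['email'] = $profile['email'];
    }
    if (!empty($profile['birthday']))
    {
        /* NOTE(review): birthday is handed to edit_user() without any format check
           here; confirm that edit_user() validates or escapes it. */
        $cfg['bday'] = $profile['birthday'];
    }

    if (!$GLOBALS['user']->edit_user($cfg))
    {
        if ($GLOBALS['user']->error == ERR_EMAIL_EXISTS)
        {
            $GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['email_exist'], $profile['email']));
        }
        else
        {
            $GLOBALS['err']->add('DB ERROR!');
        }

        return false;
    }

    /* Keep only the allow-listed contact fields. The array keys are passed to
       autoExecute() (presumably as column names), so this list is what stops a
       caller from writing to other columns of the users table. The comparison is
       strict so that integer keys cannot loosely match a name on older PHP
       versions, and non-scalar values are dropped because trim() cannot handle
       them. */
    $other_key_array = array('msn', 'qq', 'office_phone', 'home_phone', 'mobile_phone');
    $other = array();
    if (isset($profile['other']) && is_array($profile['other']))
    {
        foreach ($profile['other'] as $key => $val)
        {
            if (in_array($key, $other_key_array, true) && is_scalar($val))
            {
                /* HTML-escape before storage so the stored value cannot carry markup
                   or script; whether single quotes are escaped depends on the PHP
                   version's default htmlspecialchars() flags. */
                $other[$key] = htmlspecialchars(trim($val));
            }
        }
    }

    /* Write the remaining contact fields, if any */
    if (!empty($other))
    {
        $GLOBALS['db']->autoExecute($GLOBALS['ecs']->table('users'), $other, 'UPDATE', "user_id = '" . $user_id . "'");
    }

    return true;
}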

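/**
 * Load a member's account details and refresh the email kept in the session.
 *
 * @access  public
 * @param   int       $user_id        Member's user_id
 *
 * @return  array     Keys: email, sex, user_name, birthday, firstname, lastname, province,
 *                    address, country, zipcode, user_type, photo, email_daily
 */
function get_profile($user_id)
{
    global $user;

    /* user_id is interpolated into the query below, so reduce it to an integer first */
    $user_id = is_scalar($user_id) ? intval($user_id) : 0;

    /* Member account row */
    $info = array();
    $sql  = "SELECT user_name,email,firstname,lastname,sex,province,address,country,zipcode,user_type,photo,email_daily ".
            "FROM " . $GLOBALS['ecs']->table('users') . " WHERE user_id = '$user_id'";
    $infos = $GLOBALS['db']->getRow($sql);
    if (!is_array($infos))
    {
        /* No row came back: continue with defaults instead of indexing a non-array */
        $infos = array();
    }

    /* NOTE(review): the slashed user_name is also what gets returned to the caller
       below, so names containing quotes carry backslashes; kept as-is for
       compatibility, confirm this is intended. */
    $infos['email']     = isset($infos['email'])     ? addslashes($infos['email'])     : '';
    $infos['user_name'] = isset($infos['user_name']) ? addslashes($infos['user_name']) : '';

    /* The account is looked up by email even though the method is named
       get_profile_by_name(); presumably accounts are keyed by email in this
       installation (verify against the user integration class). */
    $row = $user->get_profile_by_name($infos['email']);
    $_SESSION['email'] = (is_array($row) && isset($row['email'])) ? $row['email'] : ''; // keep the session copy in sync

    $info['email']     = $_SESSION['email'];
    $info['sex']       = isset($infos['sex']) ? $infos['sex'] : 0;
    $info['user_name'] = $infos['user_name'];
    /* NOTE(review): birthday is not in the SELECT list above, so this is always ''
       unless getRow() adds it; confirm whether the column should be selected. */
    $info['birthday']  = isset($infos['birthday']) ? $infos['birthday'] : '';

    /* Remaining columns are copied through unchanged (NULL values are preserved) */
    $plain_columns = array('firstname', 'lastname', 'province', 'address', 'country', 'zipcode', 'user_type', 'photo', 'email_daily');
    foreach ($plain_columns as $column)
    {
        $info[$column] = array_key_exists($column, $infos) ? $infos[$column] : '';
    }

    return $info;
}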
?>